CVE-2002-0239 - Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long

CVE-2002-0239

Summary

Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:41.hanterm.asc
http://marc.info/?l=bugtraq&m=101310874106455&w=2
http://online.securityfocus.com/archive/1/255168
http://securitytracker.com/id?1001950
http://www.debian.org/security/2002/dsa-112
http://www.iss.net/security_center/static/8109.php
http://www.securityfocus.com/bid/4050

Vulnerable Configurations

cpe:2.3:a:hanterm:hanterm:3.3:*:*:*:*:*:*:*
cpe:2.3:a:hanterm:hanterm:3.3:*:*:*:*:*:*:*
cpe:2.3:a:hanterm:hanterm:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:hanterm:hanterm:3.3.1:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 18-10-2016 - 02:17)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	4050
bugtraq	20020207 Overflow Vulnerabilities in hanterm 20020207 another hanterm exploit
debian	DSA-112
freebsd	FreeBSD-SA-01:41
sectrack	1001950
xf	hanterm-command-line-bo(8109)

Last major update

18-10-2016 - 02:17

Published

29-05-2002 - 04:00

Last modified

18-10-2016 - 02:17